SlideShare a Scribd company logo

Akamai CSO Andy Ellis Keynotes RSA Conference 2013

Akamai Technologies
Akamai Technologies

View Andy's keynote slides or watch the video at the end: Mind over Matter: Managing Risk with Psychology Instead of Brute Force Learn more about Kona Security Solutions: http://www.akamai.com/html/solutions/kona-solutions.html Learn more about Akamai's presence at RSA Conference 2013: http://www.akamai.com/html/ms/rsa_conference_2013.html

Technology
1 of 14
Download to read offline
Mind over Matter Andy Ellis Chief Security Officer @csoandy #RSAkamai
The Problem: A Typical Business Risk Conversation Business Owner Security Here is my project. Here’s our ISO 27002 checklist of Is it safe? every mistake anyone’s ever made. Prove you haven’t. That’s really long. Can you fill it out for me? Sure. You have a bunch of esoteric risk here. Really? Is that a showstopper? If I say yes, you’re going to override me, aren’t you? And if I say no, I’m in trouble if this goes wrong...
The Goal: Increasing Value
Steady State: Security Value Balances Perceived Risk SECURITY VALUE PERCEIVED RISK Low perceived risk leads to lower resource investment! Low perceived capability leads to lower perceived risk!
Peltzman Effect What your organization thinks it can get away with organization thinks Organizations People do. don’t think:
People What Do Organizations Consider Risk? Lizards Business Owner Is my P/L good? Will CEO I gain market share? Is this profitable? Sales CFO Can I meet my Is this a good allocation quota with this? of resources? Employees Security Will I have a job? Is this safe?
Set-Point Theory Of Risk Tolerance SECURITY VALUE PERCEIVED RISK
Unmitigated Risk Psychosis SECURITY VALUE PERCEIVED RISK A C T U A L R I S K* *not actually actual risk Attempts to leave residual risk may result in new risk budgets!
Training Lizards SECURITY VALUE PERCEIVED RISK A C T U A L R I S K* Risk Management can be trained like any other muscle.
Where Is Your Residual Risk? Business Owner CEO Competitors are gaining. Products A & B are high Have to move faster! risk. C should be safer. Sales CFO That last product didn’t sell. You came in over budget. Are your I’ll sell something else. numbers accurate? Employees Security This business is unprofitable. Here’s our ISO 27002 checklist of Update my resume! every mistake anyone’s ever made. Prove you haven’t.
Success: A Better Business Risk Conversation Business Owner Security Here is my project. I don’t know. Is it? Is it safe? Here’s how to think about Wait, what? safety. Do you think your product is safe? Ummm.... Great, glad to hear it. Here’s my assessment of Can you fix those outliers my risk. in your next release? I think this is reasonably safe.
An Approach: How Do You Get Better?
Takeaway: Improve Security Value Goal of any security program: dv/dt > 0 Beating your head against the wall: focusing on increasing resources. Goal: dr/dt > 0 A good security program wants to create surplus. Goal: dc/dt > 0
Questions, Answers, and Pontifications Andy Ellis aellis@akamai.com @csoandy http://www.csoandy.com/

Recommended

The State of the Internet, 1st Quarter, 2013 Report
The State of the Internet, 1st Quarter, 2013 Report The State of the Internet, 1st Quarter, 2013 Report
The State of the Internet, 1st Quarter, 2013 Report Akamai Technologies
 
Velocity 2013: Resolution For A Faster Site
Velocity 2013: Resolution For A Faster Site Velocity 2013: Resolution For A Faster Site
Velocity 2013: Resolution For A Faster Site Akamai Technologies
 
Akamai Intelligent Edge Security
Akamai Intelligent Edge SecurityAkamai Intelligent Edge Security
Akamai Intelligent Edge SecurityAkamai Technologies
 
Replacing recovery with resilience
Replacing recovery with resilienceReplacing recovery with resilience
Replacing recovery with resilienceAkamai Technologies
 
Competitive EDGE - Data Driven Differentiation
Competitive EDGE - Data Driven DifferentiationCompetitive EDGE - Data Driven Differentiation
Competitive EDGE - Data Driven DifferentiationAkamai Technologies
 
3 Reasons You Need Proactive Protection Against Malware
3 Reasons You Need Proactive Protection Against Malware3 Reasons You Need Proactive Protection Against Malware
3 Reasons You Need Proactive Protection Against MalwareAkamai Technologies
 
3 Reasons It's Time for a New Remote Access Model
3 Reasons It's Time for a New Remote Access Model3 Reasons It's Time for a New Remote Access Model
3 Reasons It's Time for a New Remote Access ModelAkamai Technologies
 
새로운 원격 접속 모델이 필요한 3가지 이유
새로운 원격 접속 모델이 필요한 3가지 이유새로운 원격 접속 모델이 필요한 3가지 이유
새로운 원격 접속 모델이 필요한 3가지 이유Akamai Technologies
 

Recommended

The State of the Internet, 1st Quarter, 2013 Report
The State of the Internet, 1st Quarter, 2013 Report The State of the Internet, 1st Quarter, 2013 Report
The State of the Internet, 1st Quarter, 2013 Report Akamai Technologies
 
Velocity 2013: Resolution For A Faster Site
Velocity 2013: Resolution For A Faster Site Velocity 2013: Resolution For A Faster Site
Velocity 2013: Resolution For A Faster Site Akamai Technologies
 
Akamai Intelligent Edge Security
Akamai Intelligent Edge SecurityAkamai Intelligent Edge Security
Akamai Intelligent Edge SecurityAkamai Technologies
 
Replacing recovery with resilience
Replacing recovery with resilienceReplacing recovery with resilience
Replacing recovery with resilienceAkamai Technologies
 
Competitive EDGE - Data Driven Differentiation
Competitive EDGE - Data Driven DifferentiationCompetitive EDGE - Data Driven Differentiation
Competitive EDGE - Data Driven DifferentiationAkamai Technologies
 
3 Reasons You Need Proactive Protection Against Malware
3 Reasons You Need Proactive Protection Against Malware3 Reasons You Need Proactive Protection Against Malware
3 Reasons You Need Proactive Protection Against MalwareAkamai Technologies
 
3 Reasons It's Time for a New Remote Access Model
3 Reasons It's Time for a New Remote Access Model3 Reasons It's Time for a New Remote Access Model
3 Reasons It's Time for a New Remote Access ModelAkamai Technologies
 
새로운 원격 접속 모델이 필요한 3가지 이유
새로운 원격 접속 모델이 필요한 3가지 이유새로운 원격 접속 모델이 필요한 3가지 이유
새로운 원격 접속 모델이 필요한 3가지 이유Akamai Technologies
 
更新遠端存取模式的 3 大理由
更新遠端存取模式的 3 大理由更新遠端存取模式的 3 大理由
更新遠端存取模式的 3 大理由Akamai Technologies
 
应该采用全新远程访问模式的 3 大原因
应该采用全新远程访问模式的 3 大原因应该采用全新远程访问模式的 3 大原因
应该采用全新远程访问模式的 3 大原因Akamai Technologies
 
3 つの理由 今こそ新しいリモート・アク セス・モデルを採用すべきと き
3 つの理由 今こそ新しいリモート・アク セス・モデルを採用すべきと き3 つの理由 今こそ新しいリモート・アク セス・モデルを採用すべきと き
3 つの理由 今こそ新しいリモート・アク セス・モデルを採用すべきと きAkamai Technologies
 
3 razões chegou a hora de um novo modelo de acesso remoto
3 razões chegou a hora de um novo modelo de acesso remoto3 razões chegou a hora de um novo modelo de acesso remoto
3 razões chegou a hora de um novo modelo de acesso remotoAkamai Technologies
 
3 motivi per cui è necessario un nuovo modello di accesso remoto
3 motivi per cui è necessario un nuovo modello di accesso remoto3 motivi per cui è necessario un nuovo modello di accesso remoto
3 motivi per cui è necessario un nuovo modello di accesso remotoAkamai Technologies
 
3 raisons de changer votre modèle d'accès à distance
3 raisons de changer votre modèle d'accès à distance3 raisons de changer votre modèle d'accès à distance
3 raisons de changer votre modèle d'accès à distanceAkamai Technologies
 
3 motivos por los que ahora es el momento perfecto para adoptar un nuevo mode...
3 motivos por los que ahora es el momento perfecto para adoptar un nuevo mode...3 motivos por los que ahora es el momento perfecto para adoptar un nuevo mode...
3 motivos por los que ahora es el momento perfecto para adoptar un nuevo mode...Akamai Technologies
 
3 Gründe für eine neue Art des Remotezugriffs
3 Gründe für eine neue Art des Remotezugriffs3 Gründe für eine neue Art des Remotezugriffs
3 Gründe für eine neue Art des RemotezugriffsAkamai Technologies
 
Chicago Tech Day Jan 2015: Foundry - HTTP2
Chicago Tech Day Jan 2015: Foundry - HTTP2Chicago Tech Day Jan 2015: Foundry - HTTP2
Chicago Tech Day Jan 2015: Foundry - HTTP2Akamai Technologies
 
Chicago Tech Day Jan 2015: RWD
Chicago Tech Day Jan 2015: RWDChicago Tech Day Jan 2015: RWD
Chicago Tech Day Jan 2015: RWDAkamai Technologies
 
Chicago Tech Day Jan 2015: Hidden Features
Chicago Tech Day Jan 2015: Hidden FeaturesChicago Tech Day Jan 2015: Hidden Features
Chicago Tech Day Jan 2015: Hidden FeaturesAkamai Technologies
 
Customer Technology Day Chicago 2015
Customer Technology Day Chicago 2015Customer Technology Day Chicago 2015
Customer Technology Day Chicago 2015Akamai Technologies
 
Edge 2014: Maintaining the Balance: Getting the Most of Your CDN with IKEA
Edge 2014: Maintaining the Balance: Getting the Most of Your CDN with IKEAEdge 2014: Maintaining the Balance: Getting the Most of Your CDN with IKEA
Edge 2014: Maintaining the Balance: Getting the Most of Your CDN with IKEAAkamai Technologies
 
Edge 2014: Increasing Control with Property Manager with eBay
Edge 2014: Increasing Control with Property Manager with eBayEdge 2014: Increasing Control with Property Manager with eBay
Edge 2014: Increasing Control with Property Manager with eBayAkamai Technologies
 
Edge 2014: Bypass Surgery - Akamai's Heartbleed Response Case Study
Edge 2014: Bypass Surgery - Akamai's Heartbleed Response Case StudyEdge 2014: Bypass Surgery - Akamai's Heartbleed Response Case Study
Edge 2014: Bypass Surgery - Akamai's Heartbleed Response Case StudyAkamai Technologies
 
Edge 2014: MPEG DASH – Tomorrow's Format Today
Edge 2014: MPEG DASH – Tomorrow's Format TodayEdge 2014: MPEG DASH – Tomorrow's Format Today
Edge 2014: MPEG DASH – Tomorrow's Format TodayAkamai Technologies
 
Edge 2014: A Modern Approach to Performance Monitoring
Edge 2014: A Modern Approach to Performance MonitoringEdge 2014: A Modern Approach to Performance Monitoring
Edge 2014: A Modern Approach to Performance MonitoringAkamai Technologies
 
Edge 2014: Million Browser Botnet - Live Demonstration
Edge 2014: Million Browser Botnet - Live DemonstrationEdge 2014: Million Browser Botnet - Live Demonstration
Edge 2014: Million Browser Botnet - Live DemonstrationAkamai Technologies
 
Key Reasons Customers Choose Akamai
Key Reasons Customers Choose Akamai Key Reasons Customers Choose Akamai
Key Reasons Customers Choose Akamai Akamai Technologies
 
Site Shield Product Brief - Origin defense by cloaking web infrastructure and...
Site Shield Product Brief - Origin defense by cloaking web infrastructure and...Site Shield Product Brief - Origin defense by cloaking web infrastructure and...
Site Shield Product Brief - Origin defense by cloaking web infrastructure and...Akamai Technologies
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 

More Related Content

More from Akamai Technologies

更新遠端存取模式的 3 大理由
更新遠端存取模式的 3 大理由更新遠端存取模式的 3 大理由
更新遠端存取模式的 3 大理由Akamai Technologies
 
应该采用全新远程访问模式的 3 大原因
应该采用全新远程访问模式的 3 大原因应该采用全新远程访问模式的 3 大原因
应该采用全新远程访问模式的 3 大原因Akamai Technologies
 
3 つの理由 今こそ新しいリモート・アク セス・モデルを採用すべきと き
3 つの理由 今こそ新しいリモート・アク セス・モデルを採用すべきと き3 つの理由 今こそ新しいリモート・アク セス・モデルを採用すべきと き
3 つの理由 今こそ新しいリモート・アク セス・モデルを採用すべきと きAkamai Technologies
 
3 razões chegou a hora de um novo modelo de acesso remoto
3 razões chegou a hora de um novo modelo de acesso remoto3 razões chegou a hora de um novo modelo de acesso remoto
3 razões chegou a hora de um novo modelo de acesso remotoAkamai Technologies
 
3 motivi per cui è necessario un nuovo modello di accesso remoto
3 motivi per cui è necessario un nuovo modello di accesso remoto3 motivi per cui è necessario un nuovo modello di accesso remoto
3 motivi per cui è necessario un nuovo modello di accesso remotoAkamai Technologies
 
3 raisons de changer votre modèle d'accès à distance
3 raisons de changer votre modèle d'accès à distance3 raisons de changer votre modèle d'accès à distance
3 raisons de changer votre modèle d'accès à distanceAkamai Technologies
 
3 motivos por los que ahora es el momento perfecto para adoptar un nuevo mode...
3 motivos por los que ahora es el momento perfecto para adoptar un nuevo mode...3 motivos por los que ahora es el momento perfecto para adoptar un nuevo mode...
3 motivos por los que ahora es el momento perfecto para adoptar un nuevo mode...Akamai Technologies
 
3 Gründe für eine neue Art des Remotezugriffs
3 Gründe für eine neue Art des Remotezugriffs3 Gründe für eine neue Art des Remotezugriffs
3 Gründe für eine neue Art des RemotezugriffsAkamai Technologies
 
Chicago Tech Day Jan 2015: Foundry - HTTP2
Chicago Tech Day Jan 2015: Foundry - HTTP2Chicago Tech Day Jan 2015: Foundry - HTTP2
Chicago Tech Day Jan 2015: Foundry - HTTP2Akamai Technologies
 
Chicago Tech Day Jan 2015: Hidden Features
Chicago Tech Day Jan 2015: Hidden FeaturesChicago Tech Day Jan 2015: Hidden Features
Chicago Tech Day Jan 2015: Hidden FeaturesAkamai Technologies
 
Customer Technology Day Chicago 2015
Customer Technology Day Chicago 2015Customer Technology Day Chicago 2015
Customer Technology Day Chicago 2015Akamai Technologies
 
Edge 2014: Maintaining the Balance: Getting the Most of Your CDN with IKEA
Edge 2014: Maintaining the Balance: Getting the Most of Your CDN with IKEAEdge 2014: Maintaining the Balance: Getting the Most of Your CDN with IKEA
Edge 2014: Maintaining the Balance: Getting the Most of Your CDN with IKEAAkamai Technologies
 
Edge 2014: Increasing Control with Property Manager with eBay
Edge 2014: Increasing Control with Property Manager with eBayEdge 2014: Increasing Control with Property Manager with eBay
Edge 2014: Increasing Control with Property Manager with eBayAkamai Technologies
 
Edge 2014: Bypass Surgery - Akamai's Heartbleed Response Case Study
Edge 2014: Bypass Surgery - Akamai's Heartbleed Response Case StudyEdge 2014: Bypass Surgery - Akamai's Heartbleed Response Case Study
Edge 2014: Bypass Surgery - Akamai's Heartbleed Response Case StudyAkamai Technologies
 
Edge 2014: MPEG DASH – Tomorrow's Format Today
Edge 2014: MPEG DASH – Tomorrow's Format TodayEdge 2014: MPEG DASH – Tomorrow's Format Today
Edge 2014: MPEG DASH – Tomorrow's Format TodayAkamai Technologies
 
Edge 2014: A Modern Approach to Performance Monitoring
Edge 2014: A Modern Approach to Performance MonitoringEdge 2014: A Modern Approach to Performance Monitoring
Edge 2014: A Modern Approach to Performance MonitoringAkamai Technologies
 
Edge 2014: Million Browser Botnet - Live Demonstration
Edge 2014: Million Browser Botnet - Live DemonstrationEdge 2014: Million Browser Botnet - Live Demonstration
Edge 2014: Million Browser Botnet - Live DemonstrationAkamai Technologies
 
Key Reasons Customers Choose Akamai
Key Reasons Customers Choose Akamai Key Reasons Customers Choose Akamai
Key Reasons Customers Choose Akamai Akamai Technologies
 
Site Shield Product Brief - Origin defense by cloaking web infrastructure and...
Site Shield Product Brief - Origin defense by cloaking web infrastructure and...Site Shield Product Brief - Origin defense by cloaking web infrastructure and...
Site Shield Product Brief - Origin defense by cloaking web infrastructure and...Akamai Technologies
 

More from Akamai Technologies (20)

更新遠端存取模式的 3 大理由
更新遠端存取模式的 3 大理由更新遠端存取模式的 3 大理由
更新遠端存取模式的 3 大理由
 
应该采用全新远程访问模式的 3 大原因
应该采用全新远程访问模式的 3 大原因应该采用全新远程访问模式的 3 大原因
应该采用全新远程访问模式的 3 大原因
 
3 つの理由 今こそ新しいリモート・アク セス・モデルを採用すべきと き
3 つの理由 今こそ新しいリモート・アク セス・モデルを採用すべきと き3 つの理由 今こそ新しいリモート・アク セス・モデルを採用すべきと き
3 つの理由 今こそ新しいリモート・アク セス・モデルを採用すべきと き
 
3 razões chegou a hora de um novo modelo de acesso remoto
3 razões chegou a hora de um novo modelo de acesso remoto3 razões chegou a hora de um novo modelo de acesso remoto
3 razões chegou a hora de um novo modelo de acesso remoto
 
3 motivi per cui è necessario un nuovo modello di accesso remoto
3 motivi per cui è necessario un nuovo modello di accesso remoto3 motivi per cui è necessario un nuovo modello di accesso remoto
3 motivi per cui è necessario un nuovo modello di accesso remoto
 
3 raisons de changer votre modèle d'accès à distance
3 raisons de changer votre modèle d'accès à distance3 raisons de changer votre modèle d'accès à distance
3 raisons de changer votre modèle d'accès à distance
 
3 motivos por los que ahora es el momento perfecto para adoptar un nuevo mode...
3 motivos por los que ahora es el momento perfecto para adoptar un nuevo mode...3 motivos por los que ahora es el momento perfecto para adoptar un nuevo mode...
3 motivos por los que ahora es el momento perfecto para adoptar un nuevo mode...
 
3 Gründe für eine neue Art des Remotezugriffs
3 Gründe für eine neue Art des Remotezugriffs3 Gründe für eine neue Art des Remotezugriffs
3 Gründe für eine neue Art des Remotezugriffs
 
Chicago Tech Day Jan 2015: Foundry - HTTP2
Chicago Tech Day Jan 2015: Foundry - HTTP2Chicago Tech Day Jan 2015: Foundry - HTTP2
Chicago Tech Day Jan 2015: Foundry - HTTP2
 
Chicago Tech Day Jan 2015: RWD
Chicago Tech Day Jan 2015: RWDChicago Tech Day Jan 2015: RWD
Chicago Tech Day Jan 2015: RWD
 
Chicago Tech Day Jan 2015: Hidden Features
Chicago Tech Day Jan 2015: Hidden FeaturesChicago Tech Day Jan 2015: Hidden Features
Chicago Tech Day Jan 2015: Hidden Features
 
Customer Technology Day Chicago 2015
Customer Technology Day Chicago 2015Customer Technology Day Chicago 2015
Customer Technology Day Chicago 2015
 
Edge 2014: Maintaining the Balance: Getting the Most of Your CDN with IKEA
Edge 2014: Maintaining the Balance: Getting the Most of Your CDN with IKEAEdge 2014: Maintaining the Balance: Getting the Most of Your CDN with IKEA
Edge 2014: Maintaining the Balance: Getting the Most of Your CDN with IKEA
 
Edge 2014: Increasing Control with Property Manager with eBay
Edge 2014: Increasing Control with Property Manager with eBayEdge 2014: Increasing Control with Property Manager with eBay
Edge 2014: Increasing Control with Property Manager with eBay
 
Edge 2014: Bypass Surgery - Akamai's Heartbleed Response Case Study
Edge 2014: Bypass Surgery - Akamai's Heartbleed Response Case StudyEdge 2014: Bypass Surgery - Akamai's Heartbleed Response Case Study
Edge 2014: Bypass Surgery - Akamai's Heartbleed Response Case Study
 
Edge 2014: MPEG DASH – Tomorrow's Format Today
Edge 2014: MPEG DASH – Tomorrow's Format TodayEdge 2014: MPEG DASH – Tomorrow's Format Today
Edge 2014: MPEG DASH – Tomorrow's Format Today
 
Edge 2014: A Modern Approach to Performance Monitoring
Edge 2014: A Modern Approach to Performance MonitoringEdge 2014: A Modern Approach to Performance Monitoring
Edge 2014: A Modern Approach to Performance Monitoring
 
Edge 2014: Million Browser Botnet - Live Demonstration
Edge 2014: Million Browser Botnet - Live DemonstrationEdge 2014: Million Browser Botnet - Live Demonstration
Edge 2014: Million Browser Botnet - Live Demonstration
 
Key Reasons Customers Choose Akamai
Key Reasons Customers Choose Akamai Key Reasons Customers Choose Akamai
Key Reasons Customers Choose Akamai
 
Site Shield Product Brief - Origin defense by cloaking web infrastructure and...
Site Shield Product Brief - Origin defense by cloaking web infrastructure and...Site Shield Product Brief - Origin defense by cloaking web infrastructure and...
Site Shield Product Brief - Origin defense by cloaking web infrastructure and...
 

Recently uploaded

Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGSujit Pal
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 

Recently uploaded (20)

Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAG
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 

Akamai CSO Andy Ellis Keynotes RSA Conference 2013

  • 1. Mind over Matter Andy Ellis Chief Security Officer @csoandy #RSAkamai
  • 2. The Problem: A Typical Business Risk Conversation Business Owner Security Here is my project. Here’s our ISO 27002 checklist of Is it safe? every mistake anyone’s ever made. Prove you haven’t. That’s really long. Can you fill it out for me? Sure. You have a bunch of esoteric risk here. Really? Is that a showstopper? If I say yes, you’re going to override me, aren’t you? And if I say no, I’m in trouble if this goes wrong...
  • 4. Steady State: Security Value Balances Perceived Risk SECURITY VALUE PERCEIVED RISK Low perceived risk leads to lower resource investment! Low perceived capability leads to lower perceived risk!
  • 5. Peltzman Effect What your organization thinks it can get away with organization thinks Organizations People do. don’t think:
  • 6. People What Do Organizations Consider Risk? Lizards Business Owner Is my P/L good? Will CEO I gain market share? Is this profitable? Sales CFO Can I meet my Is this a good allocation quota with this? of resources? Employees Security Will I have a job? Is this safe?
  • 7. Set-Point Theory Of Risk Tolerance SECURITY VALUE PERCEIVED RISK
  • 8. Unmitigated Risk Psychosis SECURITY VALUE PERCEIVED RISK A C T U A L R I S K* *not actually actual risk Attempts to leave residual risk may result in new risk budgets!
  • 9. Training Lizards SECURITY VALUE PERCEIVED RISK A C T U A L R I S K* Risk Management can be trained like any other muscle.
  • 10. Where Is Your Residual Risk? Business Owner CEO Competitors are gaining. Products A & B are high Have to move faster! risk. C should be safer. Sales CFO That last product didn’t sell. You came in over budget. Are your I’ll sell something else. numbers accurate? Employees Security This business is unprofitable. Here’s our ISO 27002 checklist of Update my resume! every mistake anyone’s ever made. Prove you haven’t.
  • 11. Success: A Better Business Risk Conversation Business Owner Security Here is my project. I don’t know. Is it? Is it safe? Here’s how to think about Wait, what? safety. Do you think your product is safe? Ummm.... Great, glad to hear it. Here’s my assessment of Can you fix those outliers my risk. in your next release? I think this is reasonably safe.
  • 12. An Approach: How Do You Get Better?
  • 13. Takeaway: Improve Security Value Goal of any security program: dv/dt > 0 Beating your head against the wall: focusing on increasing resources. Goal: dr/dt > 0 A good security program wants to create surplus. Goal: dc/dt > 0
  • 14. Questions, Answers, and Pontifications Andy Ellis aellis@akamai.com @csoandy http://www.csoandy.com/